Elfutils through version 0.173 is vulnerable to a double-free in the libelf/elf_end.c:elf_end() function due to the decompression of section data multiple times.. An attacker could exploit this to cause a crash or possibly have unspecified other impact via a crafted ELF.
Created elfutils tracking bugs for this issue:
Affects: fedora-all [bug 1625051]
Reproduced on 7+ quite easily. Did not reproduce on 5/6. 6 was running 0.164.
(In reply to Scott Gayou from comment #4)
> Reproduced on 7+ quite easily. Did not reproduce on 5/6. 6 was running 0.164.
That makes sense, support for compressed ELF sections was introduced in elfutils 0.165.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2019:2197 https://access.redhat.com/errata/RHSA-2019:2197
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):